[WEB SECURITY] IE7 Phishing Filter Tells Microsoft The URLS You Visit?

Chris Weber chris at lookout.net
Tue Dec 19 16:39:58 EST 2006


You can always disable it, I think the first time it activates it tells you
what it's gonna do.  Firefox has something similar in the works don't they?
And Google toolbar does too.  Checking/sending internal IP addresses though,
that's just bad... likely a design bug.  Maybe they felt the need to send
all because of the complexity of dotless IP notations, although that should
be catchable down in the WININET pipeline...





-----Original Message-----
From: bugtraq at cgisecurity.net [mailto:bugtraq at cgisecurity.net] 
Sent: Tuesday, December 19, 2006 12:02 PM
To: websecurity at webappsec.org
Subject: [WEB SECURITY] IE7 Phishing Filter Tells Microsoft The URLS You
Visit?

According to SPI Labs IE7 sends personal information on urls that you
request to Microsoft.

Link: http://portal.spidynamics.com/blogs/spilabs/

- Robert
http://www.cgisecurity.com/ Web Application Security news and more
http://www.cgisecurity.com/index.rss [RSS Feed]

----------------------------------------------------------------------------
The Web Security Mailing List: 
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]


----------------------------------------------------------------------------
The Web Security Mailing List: 
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]



More information about the websecurity mailing list